The GovLab SCAN – Issue 65

As part of the GovLab’s Living Labs on Smarter Governance project, this is our 65th edition of The SCAN – Selected Curation of Articles on Net-Governance. Feel free to share your suggestions with us atSCAN@thegovlab.org.

This week’s highlights:

The White House released a 24-page draft of the Consumer Privacy Bill of Rights Act of 2015 outlining “the steps companies need to take to tell people what data they’re collecting and what they’re doing with that information.”

A Brazilian appeals court judge reversed an earlier decision to suspend WhatsApp in the country in response to the company’s unwillingness to comply with investigations into content that involved children and teenagers. The original decision was justified using the Brazilian Civil Rights Framework for the Internet called Marco Civil.

UNESCO released a draft study at the international multistakeholder conference CONNECTing the Dots this week. The study “presents a compilation of current trends, views and positions in current debates on the Internet related issues within the mandate of UNESCO.”

ICANN and IANA

In this article, the authors argue that the recent congressional hearings on “Preserving the Multistakeholder Model of Internet Governance”, “yielded some valuable insight into the status of the transition process” and the priorities of US policy makers with regards to Internet governance issues. During the panel, lawmakers focused on the idea of preventing authoritarian regimes from gaining control over critical Internet infrastructure. Kiehl and Post argue that this approach is “clinging too single-mindedly to this one problem”, and that lawmakers might be missing the possibility of other threats to freedom of expression. As an example, the authors suggest that “ICANN could use the Internet’s technical infrastructure as a means to enforce policy goals entirely unrelated to DNS operations.”

Internet Governance

The White House has released a 24-page draft of the Consumer Privacy Bill of Rights Act of 2015 which “outlines the steps companies need to take to tell people what data they’re collecting and what they’re doing with that information.” The draft also contains suggestions for data opt-out options and “mandates that companies give people information about how they store the data they collect, for how long, and how consumers can view those details.” The draft bill will go through several revisions before being voted on by the House and Senate.

In this article, Benjamin Dean, Fellow for Internet Governance and Cyber-security at the School of International and Public Affairs at Columbia University argues that “the financial incentives for companies to invest in greater information security are low and suggests that government intervention might be needed.” According to Dean, the losses incurred by companies such as Sony in high profile cyberattacks amount to less than 1% of the company’s annual income, and there is a “problem of “moral hazard” for private companies in the area of information security.” He states that governments could provide incentives for companies to invest more in information security, and that currently, government proposals “create a disincentive for companies to make this needed investment by promising blanket protection from cyber-attacks.”

The ride-sharing service Uber is trying to force Github “to disclose the IP address of every person that accessed a web page connected to a database intrusion that exposed sensitive personal data for 50,000 drivers.” Uber stored the security key to unlocking the database on a publicly accessible webpage, and this security key was used by someone from an IP address not associated with Uber to download these confidential and proprietary files from the Uber database. The article points out that “it’s not the first time people have posted highly confidential data to publicly accessible GitHub pages” and in January 2013, Arstechnica reported that “basic searches turned up dozens of passwords and security keys stored on publicly accessible GitHub pages.”

An American expat named Ryan Pate was arrested this week in the United Arab Emirates. He was charged with breaking the country’s cyber-slander laws when he posted derogatory Facebook comments about his employer, Global Aerospace Logistics (Gal) and his life in the UAE. Pate was arrested when he returned to Abu Dhabi to resign from his position at Gal. The case has drawn international attention and drawn a sharp focus on the UAE’s strict cyber-crime laws.

In this interview, Apple CEO Tim Cook discusses consumer privacy and the alleged trade-off between privacy and security. According to Cook, “You don’t want to eliminate everyone’s privacy. If you do, you not only don’t solve the terrorist issue but you also take away something that is a human right. The consequences of doing that are very significant.” He states that Apple keeps a minimal level of information on its customers, stating that “We are not a treasure trove of data. It is a cop-out to say: choose between privacy or security. There is no reason why customers should have to select one. There is no reason not to have both.”

During the Mobile World Congress in Barcelona, Spain on Monday, Sundar Pichai, Google’s senior vice president of Android, Chrome and Apps, revealed that Google will start experimenting with wireless services “in the coming months” and selling wirelessplans directly to smartphone buyers. In this article, Metz cites Google Fiber to point out that Google’s “ostensibly small experiments in internet access have a way of becoming very big” and that “this puts considerable pressure on the country’s big carriers to at least work better with outside networks—and perhaps improve their own networks at a faster pace.”

This article highlights reactions to recent changes to incoming telecoms legislation in the EU. With regards to privacy, civil society groups have warned that the new data protection package “is becoming an empty shell”, and the groups issued an analysis of leaked documents about “the Council’s position on regulation.” Additionally, with regard to roaming charges the original proposal for a single market would have “eliminated intra-EU roaming fees, allowing people to move around EU countries without having to pay more for mobile access than they would pay at home.” According to Meyer, now the Council “appears set to allow carriers to charge roaming surcharges for anything above a measly 5MB of data per day.”

This week, the US Supreme Court reinstated a lawsuit “that opens the door wide for states to expand their tax collection powers, and that will likely affect Amazon as well as smaller internet retailers.” According to the article, states have complained that they are unable to tax distant retailers due to a long-standing law, and “main street retailers are increasingly upset at online competitors who, they say, offer lower prices since they don’t have to charge tax.” Opponents of expanding out-of-state tax collection powers include states that have no sales tax, and those that “will argue it’s unfair for their businesses to have to carry out tax collection on behalf of others.”

This week, a Brazilian appeals court judge annulled a recent decision to suspend WhatsApp throughout the country. The original decision was a response to WhatsApp’s refusal to “collaborate with police investigations related to crimes involving children and teenagers.” News of the Whatsapp suspension sparked a public outcry throughout the world, and the hashtag #SemWhatsAppEu (#WithoutWhatsApp) was tweeted about 25,000 times in 4 days. The article reports that the original decision to suspend Whatsapp was justified by the Brazilian Civil Rights Framework for the Internet called Marco Civil which “allows sanctions to foreign internet companies who refuse to comply with Brazilian legislation.”

A draft Chinese antiterrorism law has faced opposition from US officials and businesses due to its ”requirements that telecommunications companies and Internet operators to aid Chinese security agencies in counterterrorism by taking steps that include handing over encryption codes and creating backdoors into their systems for use by authorities.” According to Fu Ying, spokeswoman for the legislature, the National People’s Congress, the measures conform to “common international practice” and that “many Western countries including the U.S. and the U.K., they have requested technology enterprises to provide means of disclosure.”

Papers and Reports

This week, the Alliance for Affordable Internet (A4AI) released their annual Affordability Report at the Mobile World Congress in Barcelona. One of the report’s primary findings include the fact that in developing and emerging nations, “fixed broadband connection costs the average citizen in these countries approximately 40% of their monthly income, eight times more than the affordability target set by the UN Broadband Commission in 2011.” A4AI researchers used primary research and secondary data to score countries on overall affordability environment. They also conduct statistical analyses on the links between policy and lower prices, with a corresponding “roadmap to affordable Internet.”

This draft study is an undertaking by UNESCO and was discussed at the international multistakeholder conference CONNECTing the Dots this week. The study “presents a compilation of current trends, views and positions in current debates on the Internet related issues within the mandate of UNESCO, including access to information and knowledge, freedom of expression, privacy, and ethical dimensions of the Information Society.”

In this journal article, the authors argue that “we have moved beyond the world of ‘realpolitik’ to encounter a world of ‘netpolitik’” and that consequently, “the players in this new world of complex interactions will need to understand network principles, and how to increase, in David Grewal’s words, “network power.”” The article discusses the inadequacies of existing models, challenges faced by sovereignty, and the effects of digital disruption. They define netpolitik as “ the optimization of the network form to engage in international affairs, particularly international communications” and outline the rise of netpolitik, how governments, NGOs and others can adopt principles of netpolitik, as well as challenges and barriers ahead.

Researchers at the Oxford Internet Institute have completed a project “to explore the impacts of changing internet connectivity in East Africa.” Through three reports, they detail their key findings “on the impact of connectivity on key sectors of production in the region, to see how the internet has been adopted and used to drive economic impact.” They “found that more reliable and better connectivity is affecting economic relations in all sectors” and that “most notably, as internet connectivity has become more available, reliable and cheaper, the ability to reach new customers and improve economic value is increasingly linked to digital resources, as much as the configuration of material goods.” They also state that “we need to ask who exerts control over the digital and how, when and under what conditions this control over the digital might change.”